Apache Milagro (incubating)
Brian Spector, Co Founder / CEO, MIRACL; Co Founder, Apache Milagro (incubating)
To Secure the Future of the Web
Apache Milagro: A Distributed Cryptosystem
Today’s Security is PKI / Passwords / 2FA
PKI and Certificates: Mainly used to secure the connection between different web browser manufacturers and millions of web sites.
Passwords and / or API Keys: Stored credentials sent from browser / client to back end service to authenticate user or application.
Two-Factor Authentication: Additional authentication deployed in addition to passwords to stop a compromise of account.
[Diagram labels: Bob; browser; passwords; Web / App server with domain certificate; Password database (sample usernames, passwords and e-mail addresses); 2nd Factor of Authentication; 2nd Factor Authentication Database of Keys or Seed Values]
Public Key Infrastructure (PKI) Refresher
Public / Private Key Refresher: Current state of the art is Asymmetric Encryption (Public and Private Keys)
Public / Private Key Pair (Public Key, Private Key): What is encrypted with one key can be decrypted with the other.
Public / Private Key Refresher: Current state of the art with Alice and Bob example
[Diagram labels: Alice; Bob; Bob’s Key Pair (Bob’s Public Key, Bob’s Private Key)]
Alice uses Bob’s Public Key to encrypt information meant for Bob: "Hello Bob!" → Encrypt → "As&*09sxx!jljsljslj7897"
Bob uses his Private Key to decrypt information: "As&*09sxx!jljsljslj7897" → Decrypt → "Hello Bob!"
Public Key Infrastructure (PKI) Refresher
Digital Certificates Provide Identity for PKI
An X.509 Digital Certificate is an electronic document used to prove the ownership of a domain, person, app or thing’s public key.
Example: Bob’s Public Key is bound to Bob’s Certificate by a Certificate Authority’s signature.
The certificate includes information about its owner's identity, the public key and the digital signature of a Certificate Authority that has verified the certificate's contents are correct.
[Diagram labels: Bob; Bob’s Public Key; Identity Information; CA’s Signature; Certificate Authority; Certificate with CA Signature]
PKI is Complex, Costly and Vulnerable
[Diagram labels: Alice; People / Apps / Things; Their Private Keys; Their Public Keys and Certificates; Certificate Authority; CA’s Root & Public Key; Registration Authority; Recovery Server; OCSP Server; Directory Servers; HSMs store CA Root Keys]
Today’s Security is Centralized
Today’s Security stores authentication credentials in whole form, in one place, and is easy to compromise.
Most everything on the Internet uses some form of stored credential to authenticate and securely communicate.
Credentials sent over the Internet risk being stolen in transit.
[Diagram labels: PEOPLE; THINGS; APPS; password123; username / password database]
Today’s Security Does Not Work
Since 2013: 5 Billion Data Records Breached
Two-Step and Two-Factor Don’t Remove the Threat
The username / password database still exists, full of passwords, in whole form, in one place, ready to be hacked.
[Diagram labels: SMS; 2FA; Two-Step; Two-Factor; Username / Password Database still there]
Our Ideal Security Architecture
Today
• Centralized (enforced) Trust Authorities
• Single Points of Compromise (root keys)
• X.509 is required because the crypto is old
• Management is hard / revocation is broken
• Proprietary / hard to audit
VS
Tomorrow
• Distributed Cryptosystem with Distributed Trust
• No Single Points of Compromise
• Identity is burned into the keys, no X.509
• Revocation works because fewer moving parts
• Open source / easily auditable
Multi-Factor Authentication and TLS
Extend Trust based on your needs
Revoke Trust based on your environments
Scale Trust to Mobile, IoT, and apps
Apache Milagro: A Distributed Cryptosystem
Milagro Utilizes Pairing Cryptography
This makes the following possible:
• Identity is “burned in” to the cryptographic keys removing the need for X.509 digital certificates and PKI
• Private Keys can be generated in “fractions” by different Private Key Generators called Distributed Trust Authorities
• Only the endpoint receiving the fractions knows the complete key
• The key is protected by splitting it into different identity factors that are local to the endpoint
• Identity factors are never stored, hence, the complete key is never stored
Milagro enabled apps and things receive their key shares, or fractions, from Distributed Trust Authorities.
Distributed Trust Ecosystem
Keys have Identity “burned in”
Any person or organization can become a Distributed Trust Authority and run it in any geography or jurisdiction.
There is no PKI ‘root’ – the future is decentralized
[Diagram labels: Distributed Trust Authorities (D-TAs): D-TA 1, D-TA 2, D-TA 3; End Customer (Enterprise); Foundation; Cloud Provider; Milagro Enabled Clients and Servers]
Receiving Keys from D-TAs
• Private Keys can be generated in “fractions” by different Private Key Generators called Distributed Trust Authorities
• Only the endpoint receiving the fractions knows the complete key
Key ID = Any Unique ID that can be claimed by the endpoint. Example: [email protected] OR Chip ID #98934879847, etc.
[Diagram labels: D-TA 1, D-TA 2, D-TA 3; From D-TA 1, From D-TA 2, From D-TA 3]
Protecting the Key for Storage (End User)
• PIN: As part of establishing their identity, a user chooses a 4-digit PIN (something they know)
• Software Token: A software token resides within the mobile application that the user employs to authenticate into a service (something they have)
• Geo: A specific location (employer) or series of locations can also become part of a user’s identity (somewhere they are)
• Biometric: User can input a unique biometric (fingerprint) as part of their identity (something they are)
• Time: Identities can be established for authorization only within certain time zones or windows (in the right time)
No Key Encryption Key (KEK) to protect Milagro Private Key required
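Added example (not from the original slides or the Milagro code base): a toy sketch of the two ideas on the "Receiving Keys from D-TAs" and "Protecting the Key for Storage" slides, key fractions from several D-TAs combined at the endpoint and a PIN factor split off so that only a token is stored. It assumes additive shares and uses integers modulo 2**127 - 1 as a stand-in group with no pairing; TrustAuthority and all function names are hypothetical.

```python
import hashlib
import secrets

# Toy stand-in group (assumption): integers modulo the Mersenne prime 2**127 - 1.
# A real deployment uses a pairing-friendly elliptic curve; this shows structure only.
P = 2**127 - 1

def hash_to_group(identity):
    """Map an identity string to a group element: the identity 'burned in' to the key."""
    digest = hashlib.sha256(identity.encode()).digest()
    return int.from_bytes(digest, "big") % (P - 3) + 2      # value in [2, P-2]

class TrustAuthority:
    """One D-TA with its own independent master secret (hypothetical class)."""
    def __init__(self):
        self.master = secrets.randbelow(P - 2) + 1
    def issue_share(self, identity):
        # This authority's fraction of the private key: H(ID)^master
        return pow(hash_to_group(identity), self.master, P)

def combine_shares(shares):
    """Endpoint multiplies the fractions together: H(ID)^(s1 + s2 + ... + sn)."""
    key = 1
    for share in shares:
        key = key * share % P
    return key

def extract_pin(key, identity, pin):
    """Divide the PIN factor out of the key; only the returned token is stored."""
    return key * pow(pow(hash_to_group(identity), pin, P), P - 2, P) % P  # Fermat inverse

def rebuild_key(token, identity, pin):
    """Recombine the stored token with the entered PIN, in memory only."""
    return token * pow(hash_to_group(identity), pin, P) % P

def demo():
    identity = "alice@example.com"                           # constructed sample ID
    dtas = [TrustAuthority() for _ in range(3)]
    shares = [dta.issue_share(identity) for dta in dtas]
    key = combine_shares(shares)
    expected = pow(hash_to_group(identity), sum(d.master for d in dtas), P)
    token = extract_pin(key, identity, pin=4821)
    return {"identity": identity, "shares": shares, "key": key,
            "expected": expected, "token": token}

if __name__ == "__main__":
    r = demo()
    print("right PIN rebuilds key:", rebuild_key(r["token"], r["identity"], 4821) == r["key"])
    print("wrong PIN rebuilds key:", rebuild_key(r["token"], r["identity"], 1234) == r["key"])
```

A wrong PIN produces a different group element rather than an error, so the stored token on its own does not reveal which PIN is correct.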
Protecting the Key for Storage (IoT)
• PUF: A device can take advantage of using physically unclonable functions (PUF) known only to it as a PIN # (something it knows)
• Key Fragment: A software token resides within SVRAM or other volatile or NV storage (something it has)
• Time: Identities can be established for authorization only within certain time zones or windows (in the right time)
No TEE or TPM to protect Milagro Private Key required
Milagro Multi-Factor Authentication
Identity based cryptographic multi-factor authentication and digital signature protocol that replaces passwords. Milagro MFA runs entirely in software – it’s browser / app friendly.
Milagro TLS Library
The same protocol run interactively creates an authenticated key agreement between client & server or peer to peer
Apache Milagro is Built for Internet of Things
People / Apps / Things are verified by independent Identity Providers to obtain key ‘shares’ from Distributed Trust Authorities
Milagro Private Key secured with local Identity Factors
[Diagram labels: Alice; Something you have / you know / you are / It is]
Milagro Ecosystem
DISTRIBUTED TRUST AUTHORITIES issue shares of keys in the identity of and to a Person / App / Thing
DISTRIBUTED TRUST AUTHORITIES register proof of existence / create verifiable audit trails on BLOCKCHAIN
PEOPLE / APP / THING REQUESTS SHARES OF KEYS FROM DISTRIBUTED TRUST AUTHORITIES
IDENTITY PROVIDERS vouch for the identity of people, apps, things to the distributed trust authorities
Apache Milagro (incubating) Roadmap
Development of Ecosystem (2017)
• Multi-Factor Authentication for Web and Mobile (completed)
• Distributed Trust Authorities (independent keys): Milagro D-TA code, Milagro blockchain client
• Identity Providers: Milagro IdP code, Milagro blockchain client
• Internet Of Things: IoT SDKs
• Blockchain: Milagro Proxy for blockchain and IoT
Development of Enabling Protocols
• Milagro MFA mobile SDKs for iOS / Android (completed)
• Milagro 1-pass protocol for authentication and digital signature, released in Milagro MFA Mobile SDKs, Server and JavaScript Client
• OpenID Connect Web SDKs for Milagro MFA federation
Goal - To quickly and collaboratively enable an independent security paradigm that provides strong authentication and cybersecurity across the web, over the Internet of Things, or on
the Blockchain.
A Distributed Identity Based Cryptosystem for IoT and Blockchains
Blockchain Problem 1: Confidentiality and Transparency
Cryptocurrency transactions do not have enough privacy, nor the verification of identity, necessary to be compliant with banking regulatory requirements that deal with customer privacy and AML / KYC regulations.
A Distributed Identity Based Cryptosystem for Blockchains
Blockchain Problem 2: Speed and Scalability
Cryptocurrency transactions by design cannot be instantaneous. There is no way to create a capability to rival Visa’s transaction network on Bitcoin’s Blockchain (or any Proof of Work based Blockchain) without modifying the protocol itself.
A Distributed Identity Based Cryptosystem for Blockchains
Blockchain Solution: Apache Milagro provides confidentiality, identity integrity and instantaneous transactions for P.O.W. based cryptosystems
Among transaction participants, identity integrity is assured. Outside of the transaction, the transaction information is private.
Among all participants, the transaction is instantaneous, even if the underlying cryptocurrency is Proof of Work based.
Apache Milagro: How it Works
[Diagram labels: D-TA 1, D-TA 2, D-TA 3]
a) Distributed Trust Authorities are ‘anchored’ into the Blockchain and create a ‘partition’, which is a transaction ecosystem (merchant, vendor, individual, thing, etc.)
b) D-TA’s provide shares of ID based cryptographic keys (Milagro crypto tokens) to people, apps or things depending on ecosystem and use case within the partition.
c) Milagro tokens deliver identity integrity for participants within the partition (people, apps or things) and enable instant transactions within the partition.
d) Within the D-TA triangle, all transactions can meet KYC and AML requirements and are instant.
e) Outside of the D-TA triangle, all transactions are confidential and appear uniform.